On September 7, 2017, Equifax first notified the public that it had fallen victim to the largest cyberattack in recent memory. Hackers were able to get consumers’ names, social insurance numbers, birth dates, addresses, credit card information and, in some cases, driver’s license numbers. Canadians will face the threat of identity theft for years to come.We are launching a class action against Equifax in the British Columbia Supreme Court on behalf of Canadian residents affected by the breach. Equifax recently sent affected consumers warning letters advising of the data breach. If you have received one of these letters, please contact us. More information about the cybersecurity breach itself can be found below.

Contact Us About the Equifax Data Breach

Name*

Email*

Phone*

Claim Information

No CAPTCHA

How Did the Equifax Data Breach Occur?

Equifax has now admitted that the largest cybersecurity data breach in recent memory was caused by Equifax’s failure to install regular patches, or “updates”, on its web software. This basic security measure is taken millions of times per day by individual consumers who allow the App Store to update a favourite iPhone app. For some reason, Equifax chose not to follow this most basic security procedure.

Apache Struts, the company which develops Equifax’s web software, has explained that it instructed Equifax in March, 2017 to update its software to protect against certain vulnerabilities. It would seem that Equifax, for some reason, ignored this instruction. It has since been reported by “good Samaritan” hackers that Equifax’s website coding is riddled with similar vulnerabilities related to outdated software.

Of course, the Equifax breach is made worse by the fact that Equifax holds itself out as a data security expert who is able to protect consumers, in exchange for monthly subscription fees, against data breaches.

How Do I Protect Against Identity Theft?

Unfortunately, for victims of the Equifax data breach, the risk of financial and personal injury, including identity theft, persists indefinitely.

When a credit card is stolen, the account may be cancelled or the numbers changed. But when core personal data — such as social insurance numbers, birth names, and dates of birth — is stolen, there are no accounts to cancel or numbers to change.Once hackers gain access to these key pieces of personal data — which is akin to the DNA of a person’s online digital self — the data is at the cyber thieves’ permanent disposal to cause harm.